← Back to Skills Marketplace
lotfinity

Camofox Browser Control

by lotfinity · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
67
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install camofox-browser-control
Description
Control a standalone camofox-browser server over its REST API, especially when a local or remote service is already running on port 9377. Use for opening tab...
README (SKILL.md)

Use the standalone camofox-browser server directly over HTTP.

Default assumptions for this workspace:

  • Base URL: http://127.0.0.1:9377
  • The service is already running.
  • userId is mandatory on nearly every useful request.
  • sessionKey (or legacy listItemId) groups tabs; default to default.

Golden workflow

  1. Check /health.
  2. Create a tab with /tabs.
  3. Call /tabs/:tabId/wait.
  4. Call /tabs/:tabId/snapshot and read refs.
  5. Act with /click, /type, /press, /scroll, or /navigate.
  6. Snapshot again after any state-changing action.

Prefer this loop over HTML scraping.

Hard rules

  • Always send userId.
  • Prefer POST /tabs with sessionKey for raw server use.
  • Re-snapshot after click, type, press, or navigation.
  • If a field ignores fill, retry with type using mode: "keyboard".
  • If /tabs returns an empty list, check whether userId was omitted.
  • Use direct navigation when the target URL is known; do not over-click through search results if a stable URL exists.
  • Use VNC/manual login for MFA, CAPTCHAs, or brittle auth flows, then reuse storage state or persistence.

Minimal endpoint map

Read references/api-cheatsheet.md when you need request/response shapes.

Most-used endpoints:

  • GET /health
  • POST /tabs
  • GET /tabs?userId=...
  • POST /tabs/:tabId/wait
  • GET /tabs/:tabId/snapshot?userId=...
  • POST /tabs/:tabId/click
  • POST /tabs/:tabId/type
  • POST /tabs/:tabId/press
  • POST /tabs/:tabId/scroll
  • POST /tabs/:tabId/navigate
  • POST /tabs/:tabId/evaluate
  • POST /sessions/:userId/cookies
  • GET /sessions/:userId/storage_state

Recommended helper script

Use scripts/camofox.py instead of rewriting raw HTTP every time.

Examples:

python3 skills/camofox-browser-control/scripts/camofox.py health
python3 skills/camofox-browser-control/scripts/camofox.py open --user lotfi --session default --url https://github.com
python3 skills/camofox-browser-control/scripts/camofox.py snapshot --user lotfi --tab \x3CtabId>
python3 skills/camofox-browser-control/scripts/camofox.py click --user lotfi --tab \x3CtabId> --ref e17
python3 skills/camofox-browser-control/scripts/camofox.py type --user lotfi --tab \x3CtabId> --ref e2 --text 'hello' --mode fill
python3 skills/camofox-browser-control/scripts/camofox.py type --user lotfi --tab \x3CtabId> --text '97304' --mode keyboard --submit
python3 skills/camofox-browser-control/scripts/camofox.py navigate --user lotfi --tab \x3CtabId> --url https://example.com

Known quirks

  • GET /tabs without userId can misleadingly show no tabs even when tabs exist.
  • Refs go stale after page changes. Snapshot again instead of reusing old refs blindly.
  • click already retries normal click, force click, and mouse sequence; success does not guarantee the frontend changed the state you expect, so verify with a fresh snapshot.
  • Some sites accept direct URL navigation more reliably than UI clicking.
  • Some frontend inputs require true keyboard events. Use mode: "keyboard" plus --submit when fill does not trigger app logic.
  • Large multi-step chained calls are more fragile than short calls with verification between them.

Login strategy

For normal forms:

  • open → wait → snapshot → type → click/submit → snapshot

For stubborn auth:

  • use VNC/noVNC login
  • export storage_state
  • rely on persistence or restore state on later runs

For cookie bootstrap:

  • import Netscape cookies through /sessions/:userId/cookies
  • requires CAMOFOX_API_KEY

Escape hatch

Use /tabs/:tabId/evaluate only when refs/typing/clicking are insufficient. Keep expressions small and targeted.

Local note for this machine

The current host already has a live server on 127.0.0.1:9377, with VNC/noVNC exposed by the container. Treat that as the default target unless the task says otherwise.

Usage Guidance
This skill appears to be a simple REST client for a local camofox-browser service, which is coherent — but note the mismatch: the docs mention a CAMOFOX_API_KEY and cookie/storage operations that are not declared or implemented in the helper script. Before installing or using it, verify: (1) whether your deployment actually requires CAMOFOX_API_KEY for /sessions endpoints and where that key would come from; (2) how cookie/storage export/import will be handled and whether sensitive session data might be exposed; (3) that the default target (127.0.0.1:9377) is a trusted local service (the SKILL.md even notes VNC/noVNC exposure). If you need cookie/storage features, ask the author to (a) declare required env vars (CAMOFOX_API_KEY) in metadata, (b) add explicit support in the helper for safe Authorization header handling, and (c) document data-retention/exfiltration risks. If you cannot confirm those, treat cookie/import operations as potentially risky and avoid providing credentials or storage dumps.
Capability Analysis
Type: OpenClaw Skill Name: camofox-browser-control Version: 0.1.0 The skill bundle provides a legitimate interface for controlling a Camoufox browser automation server via a REST API. The Python helper script (scripts/camofox.py) is a clean wrapper for standard browser actions like navigation, clicking, and typing, and the documentation (SKILL.md, api-cheatsheet.md) correctly describes the tool's intended use for automation and session management. While it includes high-privilege capabilities such as JavaScript evaluation and cookie export, these are standard features for browser automation and are implemented without any evidence of malicious intent, obfuscation, or unauthorized data exfiltration.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, cheatsheet, and the helper script all align: they operate against a camofox-browser REST API (default http://127.0.0.1:9377). The provided Python helper implements the documented endpoints. However, the docs reference an Authorization-protected cookie/storage API (CAMOFOX_API_KEY) that is not declared in requires.env and is not used by the helper script—an inconsistency that should be clarified.
Instruction Scope
Instructions explicitly tell the agent/operator to import/export cookies and storage_state and to use VNC/noVNC for interactive login. Those operations can move credentials/session material in/out of the system. The SKILL.md also tells to always send userId and suggests a default live server on localhost; while interacting with localhost is expected, the cookie/storage endpoints require an Authorization header per the cheatsheet (not wired into the script). This gap means the instructions expect access to sensitive session data but the skill does not declare how that secret is supplied or protected.
Install Mechanism
This is an instruction-only skill with no install spec; the only code is a small helper script. Nothing is downloaded or written during installation, which is low risk.
Credentials
requires.env is empty, yet the cheatsheet and SKILL.md mention a CAMOFOX_API_KEY for cookie import and storage_state export. That environment/credential need is not declared and the helper script does not accept or attach an Authorization header. This mismatch could lead to unclear secrets handling (missing, required ad-hoc, or passed in insecure ways).
Persistence & Privilege
The skill is not always-on and does not request elevated or persistent system privileges. It does not modify other skills or system-wide agent settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install camofox-browser-control
  3. After installation, invoke the skill by name or use /camofox-browser-control
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial publish: standalone camofox-browser REST skill with helper CLI and API cheatsheet.
Metadata
Slug camofox-browser-control
Version 0.1.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Camofox Browser Control?

Control a standalone camofox-browser server over its REST API, especially when a local or remote service is already running on port 9377. Use for opening tab... It is an AI Agent Skill for Claude Code / OpenClaw, with 67 downloads so far.

How do I install Camofox Browser Control?

Run "/install camofox-browser-control" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Camofox Browser Control free?

Yes, Camofox Browser Control is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Camofox Browser Control support?

Camofox Browser Control is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Camofox Browser Control?

It is built and maintained by lotfinity (@lotfinity); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments